TLS is a widely deployed protocol over IP networks for providing a secure channel between two communicating hosts, typically a client and a server. In fact, TLS allows client/server-based applications (such as Web browsing, electronic mail, Voice-over-IP, video-phoning, video-conferencing, Internet faxing, or instant messaging) to communicate, while preventing eavesdropping and message forgery and tampering.
TLS includes a handshake protocol for authentication and security parameters negotiation between two communicating entities, and a record protocol for data transfer between these two communicating entities using the parameters agreed via the handshake protocol.
For establishing a TLS session, the handshake protocol—as defined in RFC2246—allows peers to agree upon security parameters for the record layer (such as the encryption algorithm and the encryption keys), to authenticate themselves, to instantiate negotiated security parameters and to report error conditions to each other.
It's not possible to change cryptographic parameters within a TLS session. Once the handshake has been done, the parameters will remain all session long. The only way to use different parameters is to open another TLS session or to use a not-secured connection at the same time.
If the first TLS session is not closed when the second one is opened, another port must be used on the client.
If a single file or a data stream are to be transmitted, with only some parts needing a strong encryption, two connections need to be opened at the same time. Then, the client and server have to deal with synchronization problems to deliver data in the right order.
There is a need to overcome the drawbacks and limitations of the current TLS protocol.